Lucene search

[email protected]CVE-2007-2671

HistoryMay 14, 2007 - 11:19 p.m.

CVE-2007-2671

2007-05-1423:19:00

[email protected]

web.nvd.nist.gov

mozilla

firefox

2.0.0.3

denial of service

application crash

nvd

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

9.1 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Mozilla Firefox 2.0.0.3 allows remote attackers to cause a denial of service (application crash) via a long hostname in an HREF attribute in an A element, which triggers an out-of-bounds memory access.

Affected configurations

NVD

Node

mozillafirefoxMatch2.0.0.3

CPENameOperatorVersion
mozilla:firefoxmozilla firefoxeq2.0.0.3

CPE	Name	Operator	Version
mozilla:firefox	mozilla firefox	eq	2.0.0.3

References

lists.grok.org.uk/pipermail/full-disclosure/2007-May/062773.html

osvdb.org/35700

securityreason.com/securityalert/2704

www.critical.lt/research/opera_die_happy.html

www.securityfocus.com/bid/23747

exchange.xforce.ibmcloud.com/vulnerabilities/33982

7.1 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:N/I:N/A:C

9.1 High

AI Score

Confidence

High

0.058 Low

EPSS

Percentile

93.4%

JSON

Related for CVE-2007-2671

nvd1 cvelist1 ubuntucve1 prion1 nessus1 openvas1 gentoo1